Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Don't fix that security hole - sue the finder instead (fwd)



I found that interesting. My coworker is playing around with that exploiut 
now. Looking at it, it may be exploiting a hole in the chip's palcode, 
which can be easily fixed with a firmware upgrade. In any case, it should 
be fixable. More specifically, system calls are performed via a trap 
through the palcode. 
On 31 Jul 2002 at 9:33, David Kramer wrote:
>   HP had a security hole in their Tru64 UNIX.  The fact was
> apparently made public last year.  Someone recently published
> the info, along with sample C code that exploits the hole.  HP
> threatened them with DMCA prosecution and with a lawsuit.
> 
> http://news.com.com/2100-1023-947325.html?tag=fd_lede

-- 
Jerry Feldman <gaf at blu.org>
Associate Director
Boston Linux and Unix user group
http://www.blu.org PGP key id:C5061EA9
PGP Key fingerprint:053C 73EC 3AC1 5C44 3E14 9245 FB00 3ED5 C506 1EA9





BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org